09-18-2007 07:35 PM - edited 03-11-2019 04:12 AM
Hi,
I've always read we should not configure dynamic routing protocols on Firewall. Why?
We can control routing updates using route filters and allow what updates should be allowed bet rouer/fw then what is the harm in configuring it.?
Can someone please justify with links to best practices for it from cisco/SANS etc.
reg.
YT
09-24-2007 03:58 PM
Static routing provides the best security. Because If malicious / incorrect routing updates are injected into the PIX, then that
can affect overall operation of the PIX
09-25-2007 09:20 PM
Agree with your reply and that is waht we have always followed for, But can you point me to some links on cisco/SANS site where this info is documented.
Reg.
YT
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide